“Telegram is not a private messenger. There’s nothing private about it. It’s the opposite. It’s a cloud messenger where every message you’ve ever sent or received is in plain text in a database that Telegram the organization controls and has access to it”
“It’s like a Russian oligarch starting an unencrypted version of WhatsApp, a pixel for pixel clone of WhatsApp. That should be kind of a difficult brand to operate. Somehow, they’ve done a really amazing job of convincing the whole world that this is an encrypted messaging app and that the founder is some kind of Russian dissident, even though he goes there once a month, the whole team lives in Russia, and their families are there.”
" What happened in France is they just chose not to respond to the subpoena. So that’s in violation of the law. And, he gets arrested in France, right? And everyone’s like, oh, France. But I think the key point is they have the data, like they can respond to the subpoenas where as Signal, for instance, doesn’t have access to the data and couldn’t respond to that same request. To me it’s very obvious that Russia would’ve had a much less polite version of that conversation with Pavel Durov and the telegram team before this moment"
It’s also important to continue educating people about the fact that Signal is incredibly problematic as well, but not in the way most people think.
The issue with Signal is that your phone number is metadata. And people who think metadata is “just” data or that cross-referencing is some kind of sci-fi nonsense, are fundamentally misunderstanding how modern surveillance works.
By requiring phone numbers, Signal, despite its good encryption, inherently builds a social graph. The server operators, or anyone who gets that data, can see a map of who is talking to whom. The content is secure, but the connections are not.
Being able to map out who talks to whom is incredibly valuable. A three-letter agency can take the map of connections and overlay it with all the other data they vacuum up from other sources, such as location data, purchase histories, social media activity. If you become a “person of interest” for any reason, they instantly have your entire social circle mapped out.
Worse, the act of seeking out encrypted communication is itself a red flag. It’s a perfect filter: “Show me everyone paranoid enough to use crypto.” You’re basically raising your hand.
So, in a twisted way, Signal being a tool for private conversations, makes it a perfect machine for mapping associations and identifying targets. The fact that Signal is operated centrally with the server located in the US, and it’s being developed by people with connections to US intelligence while being constantly pushed as the best solution for private communication should give everyone a pause.
The kicker is that thanks to gag orders, companies are legally forbidden from telling you if the feds come knocking for this data. So even if Signal’s intentions are pure, we’d never know how the data it collects is being used. The potential for abuse is baked right into the phone-number requirement.
We have to choose our threat level. Signal is great when you don’t want to expose your data to companies mining it for their profit. It is not so great when you are a person of interest, and need absolute privacy.
The metadata is worthless and pricy to use it for an awarage joe.
The thing is that there’s nothing special about Signal that makes it better than alternatives like SimpleX. I just don’t see why it should be promoted instead of them. Yes, it’s better than WhatsApp where meta has a master key and can read your messages, but why settle when you can use a platform without compromises?
Simple: I already migrated most of my friends over Signal. I did not know better alternatives at the time. While I agree with you, not about SimpleX I dont have enough info about it, but about that there are better solutions.
Opinion: I think painting in Signal in such negative light is more harmful in the practical sense. Having fragmented messaging towards the public that does not care about many of these aspects just makes them a lot more hesitant to change, from my perspective.
We as a community should, in my opinion, pick a “good enough” solution for the majority of the people we interact with. That in itself is a market force to show interest and demand for private solutions. Most people I know don’t have the tools or knowledge or time to understand nuances and all they’ll hear are conflicting messages.
For us more technically inclined people: hell yeah, let’s figure out the ideal model and bring it up to maturity so others can join when it’s fleshed out. E.g. when lemmy came to my attention in the reddit 3rd party app fiasco, I was really confused on how to sign up and use it. And I’m no stranger to tech.
Edit: spelling
We as a community should, in my opinion, pick a “good enough” solution for the majority of the people we interact with.
I’d probably suggest Deltachat. It’s decentralized and has always on encryption, but is so incredibly simple and easy to onboard and use, and doesn’t require a phone number or even an email. It also works on all platforms with a single app.
and doesn’t require a phone number or even an email
wait, doesn’t it rely on the email system?
I would rather have signal possibly collect my social graph than google through gmail.
It uses a subset of the email protocol (which makes it very difficult for governments to block) but it no longer uses an an actual email address to function by default.
Even if someone did use a gmail exclusively for this (you can’t use it with an email account you use for normal emails too), everything would be entirely encrypted, and only the app itself would be able to decrypt it (google would not be able to decrypt the messages). But again, no normal user is going to use an actual email address.
You can read more about how it works in their FAQ. But the short version is once you pick a username, it just gives you a QR code or link to send to people, which connects you immediately in an encrypted chat room with no faffing around with emails.
I appreciate the comment on the matter. This is good information to know and consider.
People should know that Signal is encrypted and private, but won’t make you a ghost.
That being said, the majority of people are not interested in privacy so getting them to use Signal over WhatsApp or SMS is a 99% win.
The question here is why not get people to switch to a better platform like SimpleX or even matrix with something like Element. I don’t find that Signal does anything better in practice.
And I’m not arguing not to.
But I tried to get everybody I know to contact me on signal or simplex. For a year. Only one person switched and they did so to signal. Because it was easier and more people were on it. I myself stopped using simplex because not enough people are using it that I know.
So where the rubber meets the road, if anybody wants to use signal I’m good with that because its good for 99% of all things.
If we (as privacy enthusiasts) want to promote the better apps, they need to be and appear less niche so they’re more acceptable.
Apparently they don’t store contact info.
https://signal.org/blog/looking-back-as-the-world-moves-forward/
The problem is that you just have to trust them because only people who actually operate the server know what they do or do not store. Trust me bro, is not a viable security model. As a rule, you have to assume that any info an app collects, such as your phone number, can now be used in adversarial fashion against you.
Yeah there’s a reason they don’t allow you to use your own self hosted server.
People just accepting what companies say is how we ended up in the current mess. But here we are again. Companies work around how people perceive things to be secure and private all the time. It’s just one small cog in the big machine.
It’s how some NGOs are part of a intelligence and surveillance network but people only focus on the social work and it becomes immoral to criticize the good things they do as a cover.
There’s also reluctance to release it in f-droid. They say they want to becontrol the distribution, but they have no problem with Apple and Google being the main distribution platforms. They haven’t even looked at unified push. And that just adds to the “there’s something else going on” factors.
Signal protocol might be bullet proof but the app supplier, centralized server, and phone number requirement and the most mainstream OS aren’t. When you combine with how mainstream OS companies like Microsoft, Apple and Google work together with the feds, there’s ways that the bulletproof protocol may not be sufficient and is only a part of the bigger picture. There’s also US government spying on notification.
They may work without them but the inconvenience will deter 99% of people. Being dependent these external factors, It just doesn’t feel as bullet proof as a whole.
Whatsapp also uses the signal protocol, but you wouldn’t trust them because they’re under facebook, would you?
I also find it really weird how aggressively Signal is being pushed everywhere, and how any criticism of it gets dismissed or ridiculed. It feels a bit like a cult at this point.
I’m fully convinced its just like apple’s support: they make some vagueish unprovable claims about privacy, and have a functional and shiny app. That’s enough for people to overlook all the privacy issues, and build a cult-like fanbase.
Like if anyone walked into a privacy conference and said, “Hey everyone, I’m going to make a private messaging service. I need everyone’s phone number!”, they’d get laughed out of the room. But because their app looks nice, then people need to develop the cult-like following whenever it gets attacked, because its touching on an unresolved cognitive dissonance of this being a terrible idea.
And that is the problem with anything you don’t write yourself. And for anything you do write yourself: Are you smarter than the three-letter agencies?
There are plenty of chat services that aren’t centralized and hosted in the USA.
Sure… and my point is that you have to trust those services that aren’t hosted in the USA. It’s a choice you have to make. I’m not judging either way, just pointing out because what I responded to in the comment to which I replied was:
The problem is that you just have to trust them
Which is true of open source unless you read the code and can verify nothing nefarious exists; which is true if you use a service in a country you trust; which is true no matter what you’re doing.
Not all entities are deserving of the same level of trust - some are more trustworthy than others - but you are still making a decision to trust someone unless you write the code yourself or verify the code yourself.[1]
And had the capability and time to do so ↩︎
Which is true of open source unless you read the code and can verify nothing nefarious exists
Not at all. Not everyone needs to audit open source, only a few interested experts do. Most importantly, auditing is possible because its out in the open.
The just trust me model of signal means its impossible to audit, unless they give us their centralized database and server code.
If you are not auditing the source code, you are trusting those that are.
You don’t have to trust anybody when you run your own server, or you use a server that doesn’t collect information it has no business collecting.
You don’t have to trust anybody when you run your own server,
You have to trust the people that wrote the code.
or you use a server that doesn’t collect information it has no business collecting.
Again, you’re trusting the authors of the code.
Which is fine, but it’s a choice to trust them.
As much as I’d like to favor foss and federated messenger apps, telegram isn’t as much garbage as whatsapp:
1.The client is somewhat open source and have forks like Forkgram, Materialgram and unoffical clients like Telegrand.
2. Telegram isn’t E2EE by default but at least it doesn’t lie about it and have E2EE secret chat when nessesary, that means crucial chats stay on your device and the rest stay on their database recoverable and syncable across devices.
(Yes, whatsapp supposedly is E2EE but we can’t know for sure, it’s closed-source.)
3. You can use telegram as a cloud service with only 2GB per file limit, unlike whatsapp.
(There’s even a third-party app that utilise this as a cloud gallery.)
4. Even tho telegram has ads in large channels, telegram isn’t funded by a greedy big-corp and it doesn’t datamine you, ads are based on the channel’s topic.Yes, in terms of privacy, telegram isn’t the best option, Signal, Session, XMPP, Matrix, or SimpleX have better privacy features, less linkability and E2EE by default but telegram is very mainstream and got more publicity, making it the whatsapp alternative it advertises itself as-is.
Publicity doesn’t make a better messenger app, but for what it tries to do, it’s adoptable for simple users, doubles as cloud storage and is more secure than the garbage being whatsapp.Immigrating users to different apps is a headache on it’s own, but if they know of telegram and it’s not privacy invasive, that’s not bad.
Why don’t we all just truly go FOSS and use matrix?
Because it’s not p2p.
Why is this interview happening inside a sauna?
She likes putting guests on the hot seat.
If you watch the video - its explained starting at 1:13, Moxie built it himself: https://www.youtube.com/watch?v=cPRi7mAGp7I
Right? If they’re just chatting this should be happening in a jacuzzi with nice glasses of milk 🍼 👍
Why is this interview happening inside a sauna?
It’s his personal sauna. He built it himself.
Why did he invite the hot reporter chick to his sauna? would be the follow-up question…
If I had a personal sauna, I’d invite everyone. But I’m not from puritan central (USA) so that might be a foreign concept to some readers.
It’s a sauna on a boat. She’s out in the middle of nowhere with some dude she barely knows. You know, she looks around and what does she see? Nothin’ but open ocean.
Because of the implication…
it’s the D.E.N.N.I.S. system working
That explains that awkward interaction in the interview. It’s like an interview happening in the Black Lodge.
Like in a sauna you should be completely exposed or something
They say the trick to public speaking is to picture the audience naked, but I actually prefer to do my interviews in a sauna so the audience pictures me naked.
I’m on dat Molly
Dude for the first 15s I thought this is porn
its the sauna
How I hate that saunas are associated with porn and sex. It’s not supposed to be sexual and more importantly it’s an awful, just terrible place to have sex
I don’t know man, those benches are nice for a variety of positions. Plus, you are already naked…
Just trust me on this one, 80C+ room just isn’t the place for that sort of exercise. And it’s not like your heart rate isn’t up already lol. It’s a terrible experience
Slow down, big daddy! You can be gentle at it sometimes.
I want you to actually try sauna sex and report back to me, if you don’t believe me. But don’t say I didn’t warn you lol
SimpleX is the most private of the big three. No phone number or account needed. Able to self host.
Pardon my French but what the fuck is SimpleX?
A messenger app Musk touted as better than Signal some time ago
It’s a turd of an App, it’s not even close to ready for prime time.
most importantly it has a severe network effect problem. you will not find anyone to message on it
I don’t understand his point about restoring your messages to a new phone. How does that prove it isn’t encrypted? Couldn’t Telegram store the encrypted data on their server, send the encrypted data back to you and then you automatically decrypt it because you have the key?
With my limited knowledge of cryptography, this is how I understand it:
The distinction to make is that the user’s password is not the encryption key - it only gives access to the key. So even if the user has the same password on a new device, there would be no way to decrypt the data without the original key.
In order to maintain full privacy, data has to be encrypted on device before sending it through any server (whether to another participant in a chat, or for backup). This means that the encryption key has to be on device.
If that key was copied over to a location not controlled by the user (e.g. Telegram server), then that location would have access to the key and can decrypt any data encrypted by that key. In the same vein, if a user loses their phone then that encryption key must be lost, so encrypted data cannot be decrypted on a new phone.
Which means that the only way that Telegram can provide the chats on a new phone (when the user has no access to the old phone) is if they have access to the encryption key and can provide it to the new phone.
From my experience with that: Telegram restored all unecrypted chats when I swapped phones without asking me for any passwort / key. I literally just confirmed my phone number and all my chats / groups / contacts appeared.
What is not mentioned… there’s no privacy when the device itself is compromised. For instance, Android phones can read and phone home data from your notifications. In that case, any messenger app wouldn’t be private from Google’s eyes.
There’s a commonly used Russian metaphor “to not see the forest behind the trees”.
What you are calling a device is in fact a system. It’s a local system, that you are carrying in your hand, but it’s functioning due to a very complex global system which is not. That device in itself is like a 1960s’ town in complexity. In itself, but there’s also the global system.
And these are a result of quite a lot of people employed by various organizations with hierarchies and dependencies. And most of the power in those organizations doesn’t want you to have privacy and autonomy as much and when you want. If you want those, you should produce your own hardware and everything above it. Or build organizations interested in your full privacy and autonomy which will do that. It’s about structure, so just creating a few of them (a goal hardly reachable in itself) with manifests saying “we want to be good” won’t change anything.
So, if you were wondering why contemporaries of Stalin’s regime were reluctant to divorce it with Marxism and call it something else, - that’s similar to this. They really wanted to believe there’s a Marxist superpower, just like some people wanted to believe Google is a good corporation, and before that some people wanted to believe Apple is a counterculture corporation, and so on. And, at various moments in time and space, in various dimensions, sometimes these were. Just like in some ways the British Empire was really bringing civilization to the world.
The more life and diversity there is, the likelier we are to have good things. That doesn’t mean we’ll ever have full privacy, full autonomy, fully civilized, peaceful and honorable world, and so on. We won’t.
I think that metaphor is quite universal because it’s also used very commonly in English and Estonian at the very least.
It’s common in Russia. It’s common a lot of places, but it’s common in Russia
But yeah, I’ve used that and the inverse depending on the context plenty of time.
Well, that something common in Russia as a metaphor is also common in Estonia wouldn’t be a surprise, but in English seems a bit less common. Anyway, that wasn’t the point of my comment.
It’s been documented to have been in use in English in the 16th century
I think it’s just so old that it’s more or less ubiquitous
That’s absurd coming from the founder of a FOSS messaging app who actively decided not to let Signal federate and rejected any other open source Signal client. Not only that, even now you can’t truly use Signal’s new “username” feature. If any of the recipients have your number stored in their phonebook, irrespective of whether you know them or not, the username goes for a toss. This was/is the problem with Telegram’s username feature. Signal knew this and still decided to go ahead with it. Not to mention never doing anything about completely removing the phone number from the account after its creation. This has been, by design, a privacy and hence safety threat, and even after the username feature was implemented, this not getting implemented is very concerning.
I’m sorry your free messaging app isn’t perfect. /s
And I always assumed that nicknames was just as much to prevent screenshots from becoming a liability.
you can’t truly use Signal’s new “username” feature. If any of the recipients have your number stored in their phonebook, irrespective of whether you know them or not, the username goes for a toss.
Hm. I haven’t interacted with a new Signal user in a while… but I do see in settings two knobs: “who can see my phone number” and “who can find me with my phone number”. Both of these settings can be set to “nobody”.
I’m guessing if I set “who can find me with my phone number” to “nobody”, then even if someone has my phone number in their contacts, they wouldn’t know I’m a Signal user?
Don’t forget not allowing you to sync historical messages between your phone and PC. Apparently somehow that’s just too complicated.
Its not about being complicated, its about dumping the whole chat history with just a few seconds of physical acceas to the device.
LEA has used this method with messangers like Whatsapp for years to quicly exfiltrade the data from a victims phone to other software.
There’s a pin. Just require the pin.
The Pin is not designed and used for such an authentication. Also can be changed at any time:
How do I manage or change my PIN?
On your phone, go to Signal Settings > Account > Change your PIN
What are you talking about?
I literally installed Signal on my Linux laptop yesterday and it automatically downloaded all my messages from my phone.
Last time I did that, it would only sync new messages
they definately installed signal and fucked afterward
I predict yet another Signal-related hack within the month.
And it will again be about someone added to the wrong group. Meaning - not a hack.
See this is why I’m reluctant to start listing them because I don’t want to get dragged into an interminable discussion about how hacks like https://thehackernews.com/2025/02/hackers-exploit-signals-linked-devices.html?m=1 somehow “don’t count” because it was the user’s fault, or https://support.signal.org/hc/en-us/articles/4850133017242-Twilio-Incident-What-Signal-Users-Need-to-Know doesn’t count because it didn’t include chat messages.
The irony is I very carefully chose my words when I said “Signal-related hack” instead of “Signal hack” because I knew fanbois would show up to argue that anything short of a central database leak isn’t really a hack.
Signal is also not private
The onus is on you to back up that claim
Look for other comments in this thread that back up this well-known fact.
You mean the messenger that requires you give them your phone number to make an account? Yeah, fuck that.
What is a Moxie Marlinspike?
